Initial commit, squashed

2023-12-18 11:22:14 +01:00 · 2023-12-18 11:22:14 +01:00 · 158e8740b8
commit 158e8740b8
83 changed files with 2718 additions and 0 deletions
--- a/roles/firewall/tasks/nftables.yml
+++ b/roles/firewall/tasks/nftables.yml
@ -0,0 +1,25 @@
+- name: Install nftables
+  package:
+    name: nftables
+
+- name: Copy nftables config
+  template:
+    dest: /etc/nftables.nft
+    src: nftables.nft.j2
+    mode: 0644
+  notify: reload nftables
+
+- name: Copy static nftables includes
+  template:
+    dest: '/etc/nftables.d/{{ item }}'
+    src: '{{ item }}.j2'
+    mode: 0644
+  loop:
+    - interfaces.nft
+  notify: reload nftables
+
+- name: Enable nftables service
+  service:
+    name: nftables
+    enabled: yes
+    state: started